Security Test 1
What ranges for the first number in an IP address are for A-E?
A: 0 - 126, B: 128 - 191, C: 192 - 223, D: 224 - 247, E: 248 - 255
Why will protecting against Trojan horse attacks reduce DoS attacks?
Because many denial of service attacks are conducted by using a Trojan horse to get an unsuspecting machine to execute the DoS
Which of the following was one of the three universities involved in the original distributed network set up by a government agency?
Berkeley
Submitting a fake but very high bid to deter other bidders is referred to as what?
Bid shielding
What can you do with your firewall to defend against DoS attacks?
Block all incoming ICMP packets
What is historically the most common way for a virus to spread?
By email attachment
What do you call a DoS launched from several machines simultaneously?
DDoS attack
Translates URLs into Web addresses
DNS (Domain Name Service)
Which layer of the OSI model is divided into two sublayers?
Data Link
What factor about the Sobig virus made it most intriguing to security experts?
It spread in multiple ways
What protocol is used for web pages, and what port does it work on?
HTTP, port 80
If you are a victim of cyber stalking, what should you do to assist the police?
Keep electronic and printed copies of all harassing communications
The most desirable approach to security is one that is:
Layered and Dynamic
The TCP protocol operates at what layer of the OSI model?
Level 4: Transport
Be able to identify invalid IP addresses
Look at the first number. If it is not 0 - 255 then it is not a valid IP address
A unique hexadecimal number that identifies your network card is called what?
MAC Address
What are three methods for protecting against SYN flood attacks?
SYN cookies, RST cookies, and stack tweaking
Leaving a connection half open is referred to as what?
SYN flood attack
What virus exploited buffer overflows?
Sasser virus
Which of the following is something a Trojan horse might do?
Open a back door for malicious software
What are the three approaches to security?
Perimeter, Layered, and Hybrid
What is the term for hacking a phone system?
Phreaking
An intrusion-detection system is an example of which of the following?
Proactive Security
Which of the following is the best definition of "virus"?
Program that self-replicates
Artificially inflating a stock in order to sell it at a higher value is referred to as what?
Pump and Dump
What is a buffer-overflow attack?
Putting more data in a buffer than it can hold
The connector used with network cables is called what?
RJ-45
A device used to connect two or more networks together is a what?
Router
What protocol is used to send email, and on what port does it work?
SMTP, port 25
A seller (on an online auction site) bidding on his or her own items to drive up the price is referred to as what?
Shill bidding
What can you do with a firewall to help protect against virus attack?
Shut down all unneeded ports
Which of the following virus attacks used a multimodal approach?
Sobig virus
When a hacking technique uses persuasion and deception
Social Engineering
What is malware?
Software that has some malicious purpose
A key logger is what type of virus?
Spyware
What type of defense depends on changing the server so that unfinished handshaking times out sooner?
Stack tweaking
Vint Cerf created:
TCP?
What protocol is used for remotely logging on to a computer?
Telnet
The most common Internet investment fraud is known as what?
The Nigerian fraud
How big is a TCP packet header?
The size is always 20 bytes
One extreme viewpoint about computer security is what?
There are no imminent dangers to your system
Internet addresses of the form www.google.com are called what?
Uniform Resource Locators (URL)
The cable used in networks is also referred to as what?
Unshielded twisted pair
Tim Berners-Lee invented:
World Wide Web
The IP address of 127.0.0.1 always refers to your what?
Yourself
A T1 line sends data at what speed?
1.54Mbps
What percentage of cyber stalking cases escalate to real-world violence?
19%
Before you can formulate a defense for a network you need what?
A clear picture of the dangers to be defended against
What is a sneaker?
A person who hacks a system to test its vulnerabilities
What is a cookie?
A small file that contains data and is then stored on your computer
Which US government agency created the distributed network that formed the basis for the Internet?
Advanced Research Projects Agency (ARPA)
Definition of sensitive information
Any information that if accessed by unauthorized personnel could damage your organization in any way
What is a computer virus?
Any program that self-replicates
What is spyware?
Any software that monitors your system
What is the most basic security activity?
Authentication
The first computer incident-response team is affiliated with what university?
Carnegie-Mellon University
What type of cable do most networks use?
Category 5
What is the most common threat on the Internet?
Computer viruses
What is the CIA triad?
Confidentiality, Integrity, Availability
What is war-driving?
Driving looking for wireless networks to hack
According to the U.S. Department of Justice, identity theft is usually motivated by what?
Economic gain
According to a recent survey of 223 computer professionals prepared by the Computer Security Institute, which of the following was cited as an issue by more of the respondents?
Employee abuse
Major resource for detailed information on computer viruses:
F-Secure Virus Library
The simplest device for connecting computers is called what?
Hub
Which utility gives you information about your machine's network configuration?
IPConfig
Why is cyber stalking a serious crime?
It can be a prelude to violent crime
What was most interesting to security experts about the Mimail virus?
It grabbed email addresses from documents on the hard drive
Which of the following is a real-life example of a DDoS attack?
MyDoom virus
What is a NIC?
Network Interface Card
The point where the backbones of the Internet connect is called what?
Network access points
What is the first step in protecting yourself from identity theft?
Never provide any personal data about yourself unless absolutely necessary